Facebook reportedly shopping for a cybersecurity company

Facebook wants its billions of users to know it cares about beefing up security in the wake of a major security breach, and now it appears the social media giant is ready to spend some money on a major cybersecurity acquisition to make it happen.

Facebook has approached several security companies about a possible acquisition, The Information reported Sunday, citing sources described as familiar with the matter. Possible takeover targets weren't identified, but the tech news outlet said a deal could be announced as soon as the end of the year.

Facebook's push to reinforce its security comes less than a month after what the company calls the biggest security breach in its history. The social network originally suspected as many as 50 million user accounts were affected but now believes it compromised the personal information for 29 million users, including phone numbers, email addresses and recent searches.

Facebook has tentatively concluded that spammers masquerading as a digital marketing company were behind the massive security breach, and not hackers working for a nation-state, according to the Wall Street Journal.

Facebook has said it's working with the FBI, which asked it not to discuss who might be behind the attack or whether they were targeting anyone in particular. But it's also said there's no reason to believe the breach was related to the upcoming US midterm elections.

The breach stemmed from a vulnerability in Facebook's "view as" feature, which lets people see what their profiles look like to other people. Attackers exploited code associated with the feature that allowed them to steal "access tokens" that could be used to take over people's accounts. The attackers also used a technique that let them steal access tokens from the friends of the accounts they already controlled, expanding their reach.